# fss-0002

main:
  ./configure $CONF
  make pkgconfig=${TC}lib/pkgconfig/
  make pkgconfig=${TC}lib/pkgconfig/ install
  mv -v /bin/iptables-xml /sbin/
  mkdir -vp /etc/network
  chmod ugo-x /lib/libxtables.la
  chmod ugo-x /lib/libip{4,6}tc.la
  mv -v /lib/libxtables.la ${TC}lib/
  mv -v /lib/libiptc.la ${TC}lib/
  mv -v /lib/libip{4,6}tc.la ${TC}lib/
  chgrp e_network /etc/network/{hosts,resolution,services,protocols}
  chgrp e_network_admin -R /sbin/{iptables,ip6tables,iptables-{restore,save,xml},ip6tables-{restore,save},xtables-multi} /lib/xtables /lib/libxtables.so* /lib/libip{4,6}tc.so*
  chmod o-rx /etc/network/{hosts,resolution,services,protocols}
  chmod o-rx -R /sbin/{iptables,ip6tables,iptables-{restore,save,xml},ip6tables-{restore,save},xtables-multi} /lib/xtables /lib/libxtables.so* /lib/libip{4,6}tc.so*
  #setcap cap_net_admin,cap_net_raw,cap_net_broadcast,cap_net_bind_service=ep /sbin/iptables
  #setcap cap_net_admin,cap_net_raw,cap_net_broadcast,cap_net_bind_service=ep /sbin/ip6tables
  #setcap cap_net_admin,cap_net_raw,cap_net_broadcast,cap_net_bind_service=ep /sbin/xtables-multi
  chmod +s /sbin/iptables
  chmod +s /sbin/ip6tables
  chmod +s /sbin/xtables-multi
  chgrp e_network_admin /lib/libiptc.so*
  chmod o-rx /lib/libiptc.so*
  rm -Rf /usr/
  rm -Rf /sbin/iptables-{restore,save,xml}
  rm -Rf /sbin/ip6tables-{restore,save,xml}
  if [[ -d /lib/pkgconfig ]] ; then mv -v /lib/pkgconfig/{libiptc,xtables,libip4tc,libip6tc}.pc ${TC}lib/pkgconfig/ ; fi
  if [[ -d /lib/pkgconfig ]] ; then rmdir -v /lib/pkgconfig ; fi
